Specifying Security Aspects in UML Models

نویسندگان

  • Karine Peralta
  • Alex M. S. Orozco
  • Avelino Francisco Zorzo
  • Flavio Oliveira
چکیده

Expansion of computer systems and the increasing number of services provided by Internet has lead software engineers to worry about security issues of their software. The reason is the short amount of time dedicated to test these characteristics, which leads to release insecure software to final users. To ease this problem, the use of modelbased testing is becoming popular. Several works propose standards to model various elements, but a few related to security characteristics. This article presents a technique to specify UML security stereotypes, aiming to guide developers by annotating vulnerable model parts and to allow the automatic security test case generation.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Aspect Oriented UML to ECORE Model Transformation

With the emerging concept of model transformation, information can be extracted from one or more source models to produce the target models. The conversion of these models can be done automatically with specific transformation languages. This conversion requires mapping between both models with the help of dynamic hash tables. Hash tables store reference links between the elements of the source...

متن کامل

Aspect-Oriented Modeling for Representing and Integrating Security Concerns in UML

Security is a challenging task in software engineering. Enforcing security policies should be taken care of during the early phases of the software development life cycle to more efficiently integrate security into software. To this end, we present in this paper an aspect-oriented modeling approach for specifying and integrating security solutions into UML design models. The proposed approach c...

متن کامل

Quantitative evaluation of software security: an approach based on UML/SecAM and evidence theory

Quantitative and model-based prediction of security in the architecture design stage facilitates early detection of design faults hence reducing modification costs in subsequent stages of software life cycle. However, an important question arises with respect to the accuracy of input parameters. In practice, security parameters can rarely be estimated accurately due to the lack of sufficient kn...

متن کامل

Model-to-model Transformation Approach for Systematic Integration of Security Aspects into Uml 2.0 Design Models

Model-to-Model Transformation Approach for Systematic Integration of Security Aspects into UML 2.0 Design Models

متن کامل

Reconstructing a formal security model

Role-based access control (RBAC) is a flexible approach to access control, which has generated great interest in the security community. The principal motivation behind RBAC is to simplify the complexity of administrative tasks. Several formal models of RBAC have been introduced. However, there are a few works specifying RBAC in a way which system developers or software engineers can easily und...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2008